US10560436B2ActiveUtilityA1

Pseudonymous proximity location device

43
Assignee: ASSA ABLOY ABPriority: Oct 31, 2014Filed: Nov 2, 2015Granted: Feb 11, 2020
Est. expiryOct 31, 2034(~8.3 yrs left)· nominal 20-yr term from priority
H04W 4/029H04W 4/023H04L 63/0407
43
PatentIndex Score
0
Cited by
19
References
13
Claims

Abstract

A pseudonymous proximity location device and methods of operating and/or interacting with the same are provided. The pseudonymous proximity location device is configured to provide meaningful information to authorized reading devices but useless information to non-authorized reading devices, thereby prohibiting the use of the pseudonymous proximity location device by unauthorized reading devices.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A pseudonymous proximity location device, comprising:
 a communication interface that enables communications with a reading device via a communication channel; 
 a microprocessor; and 
 computer memory including the following stored thereon: 
 a real identifier that is substantially uniquely associated with the pseudonymous proximity location device; and 
 microprocessor-executable instructions configured to:
 encrypt the real identifier with a symmetric key; 
 concatenate a nonce value after encrypting the real identifier where the nonce value is associated with the encrypted real identifier; and 
 generate a message that is transmitted via the communication interface to the reading device, the message comprising a transmitted identifier that reveals the real identifier to an authorized reading device while simultaneously concealing the real identifier from a non-authorized reading device, wherein the message includes the encrypted real identifier and the concatenated nonce value associated with the encrypted real identifier. 
 
 
     
     
       2. The pseudonymous proximity location device of  claim 1 , wherein the nonce value is a first nonce value that is unique to the message. 
     
     
       3. The pseudonymous proximity location device of  claim 2 , wherein the computer memory further comprises a nonce log that contains a plurality of nonce values previously generated by the microprocessor, wherein the instructions are further configured to receive a first response from the reading device and compare a nonce value contained within the first response with at least some of the nonce values contained in the nonce log to determine if the reading device corresponds to an authorized reading device and, if the nonce value contained within the first response is found in the nonce log, the instructions are further configured to generate a second message that is transmitted via the communication interface to the reading device, wherein the second message contains the real identifier and wherein the first message does not contain the real identifier. 
     
     
       4. The pseudonymous proximity location device of  claim 3 , wherein the real identifier contained within the second message is encrypted using the first nonce value. 
     
     
       5. The pseudonymous proximity location device of  claim 1 , wherein the first message comprises a temporary access ticket that enables the mobile device to prove it is authorized and in communication with a trusted entity. 
     
     
       6. The pseudonymous proximity location device of  claim 1 , wherein the transmitted identifier comprises the real identifier that is encrypted with a public part of an ephemeral public/private keypair. 
     
     
       7. The pseudonymous proximity location device of  claim 1 , wherein the communication interface comprises a wireless interface. 
     
     
       8. The pseudonymous proximity location device of  claim 1 , wherein the first message is transmitted via the communication interface via at least one of a Near-Field Communications (NFC) protocol and a Bluetooth protocol. 
     
     
       9. A reading device, comprising:
 memory; and 
 an application associated with the memory, the application configured to:
 receive an identifier including a nonce from a proximity location device in connection with providing one or more services to a user of the reading device; 
 create a response based on the nonce, a hash-based message authentication code, and an encryption key; 
 forward the response to the proximity location device; 
 receive a pseudo anonymous response from the proximity location device based on the response forwarded from the reading device; and 
 access a Proximity Location Device (PLD) Identity Component (PIC) to determine a real identity of the proximity location device based on the pseudo anonymous response received from the proximity location device, wherein the pseudo anonymous response does not expose the real identity to applications which do not have access to the PIC. 
 
 
     
     
       10. The reading device of  claim 9 , wherein the PIC contains a function to retrieve the real identity from the pseudo anonymous response. 
     
     
       11. The reading device of  claim 9 , wherein the PIC is resident on the reading device. 
     
     
       12. The reading device of  claim 9 , wherein the application accesses the PIC via an Internet connection. 
     
     
       13. The reading device of  claim 9 , wherein the PIC computes the real identity cryptographically from information contained in the pseudo anonymous response.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.